If this is your first visit, be sure to
check out the FAQ by clicking the
link above. You may have to register
before you can post: click the register link above to proceed. To start viewing messages,
select the forum that you want to visit from the selection below.

Okay, quick rundown of your options, in increasing order of, unsurprisingly enough, both security and ease of use:

1) MAC filtering - It will keep out the casual wardrivers, as soooo many others leave their access points wide open. In practice, an attacker just needs to watch for a valid session, then wait for it to go away and set his own MAC to an allowed one.

2) IP filtering - It will keep out the casual wardrivers, as soooo many others leave their access points wide open. In practice, an attacker just needs to watch for a valid session, then wait for it to go away and set his own IP address to an allowed one.

3) No SSID broadcast - It will keep out the casual wardrivers, as soooo many others leave their access points wide open. In practice, this only works as long as no traffic goes out over the wireless link. A single packet will betray its presence (and you can't really use it without causing traffic).
Some machines will also have difficulty connecting to SSIDless APs, which won't really stop attackers, just annoy legitimate users.

4) WEP - It will keep out the casual wardrivers, as so many others leave their access points wide open. In practice, the newest technique can crack 128 bit WEP keys in under 40k packets (three to five minutes of active use).

5) Minimize transmit power - It will keep out the casual wardrivers, as so many others leave their access points wide open and talking at full power. If you have the AP in the same room as the computer, this can work reasonably well (though you may have intermittent signal dropouts, VERY annoying). If you have even a single wall or floor between the PC and the AP, you'll need a strong enough signal that you can all but guarantee that somewhere outside the building will also have a sufficient signal.

6) WPA-PSK/TKIP - Reasonably secure, but more complicated to set up than simple WEP, and still prone to dictionary attacks.

7) WPA-EAP - Requires a Radius server, and in general involves far more infrastructure than the typical home user wants to deal with.

Anyone notice a pattern here?

Basically, "secure wireless" doesn't exist, and most of the measures you can take will only serve to make you a less attractive target for someone casually looking for an open AP.

In practice, I recommend only three steps - Rename your AP (I recently ran into a situation at a friend's house where he could see between one and two dozen APs, most of which had the default names and no security - No one had any idea which APs they actually used!); Change its password (not the WEP key, it has a separate password to let you change settings on it); And enable 40/64 bit WEP with a nontrivial but easy to remember key. That will keep out 99% of people, while nothing short of going to WPA will keep out the other 1%.

Nothing is 100% but...

While it is true that it's darn near impossible to make a wireless network 100% secure it is possible to do a few things that will come as close as most of us home users need to be.

I would agree with some of what ribnag and others have said. I'd add #3 on the list as I didn't see it mentioned before. Some of what has been mentioned I think is a waste of time... more trouble than it's worth. A good friend of mine has spent the last 13 years working in the navy with electronics and computers. Here's his advice and what I currently use to secure my network and limit access to the internet:

1. Rename the login and password of your router! Most people never take the time to do this... even though most manuals tell you to. This is a must do basic security move! There are lists of default logins and passwords for routers all over the internet. Why wouldn't you take the time to change yours? If someone knows, or can guess, the login and password for your router they can change any setting they want.

2. Change the SSID of your wireless network and disable SSID Broadcast! The name of your wireless network SHOULD NOT be the default set by the manufacturer. This falls into the same category as #1. While you're in there changing settings disable SSID broadcast. While it's still not impossible to find the SSID when it's not broadcast most hackers would never spend the time considering you probably don't have anything worth that much time and effort AND there are so many unsecured networks around.

3. Disable remote administration (a.k.a. remote management)!This is usually found under Security or Administration in the router settings. USUALLY this is disabled by default. If this is enabled anyone with access to your wireless can screw with the settings of your router. You don't want that! You want to have to connect to your router by ethernet cable to make changes. Don't assume this is disabled... check!

4. Enable MAC Adress Filtering (a.k.a. Access Control List)! Each wireless device has a unique MAC address. For most devices it's listed on a tag or sticker. For computers/laptops you've just got to look it up via software on the computer. This is easy to do and there are intructions all over the internet... google "find mac address". When you want to allow someone to use your wireless you give them your SSID AND put their MAC address into your router. When you want to remove them you delete it. It's that easy! Even if they stil know your SSID, without their MAC address in your router they're out! No passwords or keys to change like WEP or WPA. While it is possible to steal or clone a MAC address most hackers aren't going to bother. They're just going to go find one of the bazillion unsecured networks around.

A lot of people use WEP encryptoin but here's the deal... it's really weak. WPA was created because WEP is so poor. WPA is MUCH stronger security... WPA Enterprise is a whole nother animal and really only for the commercial environment. WPA isn't too hard to set up IF you have the right equipment. But, all your wirless components, including your computer, have to support it or it won't work. Even some of the cheaper stuff brand new on the shelf today doesn't support it. That's why a lot of people have trouble trying to get it to work.

Just today I was reading that some college kids in Germany can now crack any system using WEP in around 90 seconds consistently. Luckily these are the good guys trying to show that it's not worth using. While we don't live near them it shows how weak WEP is. Why bother with keys and passwords for something that doesn't offer good security.

If you do the things listed above you can sleep reasonably well that you're in good shape. While not 100% fool proof it's really as close as most of us need to be.

How come we choose from just two people to run for president and 50 for Miss America?

We have Verizon and had a horrible time with it. We set up a firewall, something that asks for a wep password when I use either of the laptops, and bought pc cillin to let us know when others are trying to access. I too live in a fairly close neighborhood.

All these things helped but I will second where there is a will there is a way.